Upload File Script - Amend It To Check Size?

[mdemetri2]

Hi

 

Here is hoping someone can help. I have some code that I found and use to upload files to my server, details below (important stuff removed). Currently it works fine, apart from what I suspect is due to file size (I am going to have to find out what the threshold is as I can't see that it is defined anywhere) when uploading a large file fails, it still rights to the table that it has done something but obviously no file, so when you view the apparent attachments available for a location (propertyref) it also lists some where a physically uploaded filed does not exist. Can I add something to the code below to stop it writing to the table if it fails uploading the file? Or set a max file size and have it check at the point of submitting then stop it writing to the table?? MUCH APPRECIATED FOR ANY HELP, THANK YOU!

 

Had to attach portion of code as it kept cutting part way through and not showing correctly in post.

Edited November 15, 2012 by mdemetri2

[mdemetri2]

//This gets all the other information from the form
$name=$_POST['name'];
$pic=($_FILES['originalfilename']['name']);
$PropertyRef = $_POST['propertyRef'];
$uploader = $row_UserSession['contactname'];
//This is the directory where images will be saved
$target = "Attachments/";
$target = $target .$name. basename( $_FILES['originalfilename']['name']);
$path_parts = pathinfo($target);
$newfilename = $path_parts['basename'];
$fullpath = "http://www.blahbla.com".$newfilename;
// Connects to your Database
mysql_connect("localhost", "blah", "blah") or die(mysql_error()) ;
mysql_select_db("blah") or die(mysql_error()) ;
//Writes the information to the database
mysql_query("INSERT INTO `tablename` VALUES ('','$newfilename','$pic','$uploader','$PropertyRef','$fullpath')") ;
//Writes the photo to the server
if(move_uploaded_file($_FILES['originalfilename']['tmp_name'], $target))
{
//Tells you if its all ok
echo "The file " .$pic. basename($_FILES['originalfilename']). " has been uploaded, and your information has been added to the directory";
}
else {
//Gives and error if its not
echo "Sorry, there was a problem uploading your file.";
}

[MDCode]

if(isset($_FILES["originalfilename"]["error"])) {
echo $_FILES["originalfilename"]["error"];

// or use an else here instead
die;
}

 

When using this method you will get an error code. A full list of error codes can be found at http://php.net/manua...load.errors.php

 

You can change the error by doing something like

if($_FILES["originalfilename"]["error"] == "1") {
echo "Your custom message here";
}

 

You can also check the size of the uploaded file with

$_FILES["originalfilename"]["size"]

 

And set a max size (for example 4 MB)

if($_FILES["originalfilename"]["size"] > "4000000") {
echo "File is over 4 MB";
}

Edited November 15, 2012 by SocialCloud

[MDCode]

Sorry wrong byte amount 4 MB is 4194304 (won't let me edit >_<)

[mdemetri2]

Hi SocialCloud

 

thanks for the reply, very much appreciated. I assume if I put a file size check in before it connects to the database, then it would not write to the table and therefore give an error.

 

if($_FILES["originalfilename"]["size"] > "2097152") {

echo "File is over 2 MB";

}

 

I will add this in before the database connection part......as you tell I am obviously just stabbing around with the code here lol..thanks again.

[mdemetri2]

hmm, that did not work, likely due to me putting it in the wrong place, but I assume that check is done when it uploads the file? Also, I have noticed that if you dont browse for a file and hit add, it says there was a problem (i,e. my custom errory), but it writes to the table....so then I get a load of entries which dont have valid files associated.

 

Although this code 'works' it has holes. Mainly, I need to stop it allowing no files selected, and find out why this is failing uploading large files if I don't have files size specified, is it just a limitation of this method?

[MDCode]

I assume you are just using if and no else to your code which would be the problem. The if function does not kill the script which makes it continue without stopping, you can either use die instead of echo or use an else { as so

 

<?php
if($_FILES["originalfilename"]["size"] > "2097152") { 
echo "File is over 2 MB"; 
} else {
// execute everything else
}
?>

[White_Lily]

You could make this fairly easy and try to learn how to create a file uploading system yourself. That way error checking would be much easier and you would be able to customise what type of files go in and out of your system.

 

<?php
//file information goes roughly here

//checking file types
$fileType = explode(".", $filename);

if($fileType[1] == "doc"){
//if uploaded file is a MS Word Document write success message
}else{
//write error message
}

?>

[MDCode]

You could make this fairly easy and try to learn how to create a file uploading system yourself. That way error checking would be much easier and you would be able to customise what type of files go in and out of your system.

 

<?php
//file information goes roughly here

//checking file types
$fileType = explode(".", $filename);

if($fileType[1] == "doc"){
//if uploaded file is a MS Word Document write success message
}else{
//write error message
}

?>

 

They can use $_FILES["originalfilename"]["type"] to see what kind of file it is, which would make the process much simpler.

 

They are also looking for pictures.

Edited November 27, 2012 by SocialCloud